OpenVPN over reverse-proxy

Right, so Caddy shouldn’t be routing VPN traffic itself. The VPN should be going:
Caddy hosting the certificates to connect to VPN ----> Client ----> Server

Traffic itself shouldn’t be going through Caddy. What you want to do is have all of your Caddy webserver traffic on port 443. Your reverse proxies should be on different ports. Your Caddyfile should look something like this:

vpn.eltomation.com {
  import logging
  import certs
  reverse_proxy https://192.168.16.4:1443 # You should be able to set a different port for the Web GUI here and have Caddy reverse proxy it
}
admin.vpn.eltomation.com {
  import logging
  import certs
  reverse_proxy https://192.168.16.4:943 # You should be able to reverse proxy the admin page with Caddy using this
}

Note that since you are only hosting the VPN on port 1194, you don’t need a webpage for it. Since you have a VPN on port 443, you have a few different options:

  • Make Caddy use TCP and the VPN use UDP. That way you can have both bound at the same time. You can do this by removing experimental HTTP/3 support.
  • Move the VPN to a different port like 1195 or 2443.

I assume you’re using OpenVPN Access Server? You may even be able to set the root to where the web files are located so you would replace the reverse_proxy line with this:

root * /path/to/access-server-webfiles

So, unless you have a reason to keep the VPN itself on port 443, you should move it off of it and use something like 1195 or 1294 for the other one.

Also, for the sake of making it easier on yourself, remove the experimental http3 from your file. Try and get it working and once you do, you can try adding back the experimental http3 block and see if it breaks anything.

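An added example, not part of the original post: a Python check of the port-sharing point above. A TCP listener and a UDP listener can hold the same port number, but HTTP/3 runs over UDP, so with it enabled Caddy and a UDP VPN would both claim UDP 443. The listener names and plans are constructed for illustration, and the socket check runs on loopback with an OS-chosen port rather than 443.

```python
import socket
from collections import defaultdict

KIND = {"tcp": socket.SOCK_STREAM, "udp": socket.SOCK_DGRAM}

# Constructed listener plans (names are illustrative, not from the thread's config).
WITH_H3 = [("caddy https", "tcp", 443), ("caddy http/3", "udp", 443),
           ("openvpn", "udp", 443)]
WITHOUT_H3 = [l for l in WITH_H3 if l[0] != "caddy http/3"]

def find_conflicts(listeners):
    """Map each (proto, port) claimed by more than one service to its claimants."""
    claimed = defaultdict(list)
    for name, proto, port in listeners:
        claimed[(proto, port)].append(name)
    return {key: names for key, names in claimed.items() if len(names) > 1}

def bind(proto, port, host="127.0.0.1"):
    """Bind like a daemon would; raises OSError if (proto, host, port) is taken."""
    sock = socket.socket(socket.AF_INET, KIND[proto])
    try:
        sock.bind((host, port))
    except OSError:
        sock.close()
        raise
    return sock

def demo_shared_port(attempts=20):
    """Check on loopback that TCP and UDP share a port number but two UDP binds clash."""
    for _ in range(attempts):
        tcp = bind("tcp", 0)              # port 0: the OS picks a free TCP port
        port = tcp.getsockname()[1]
        try:
            udp = bind("udp", port)       # same number, other protocol
        except OSError:
            tcp.close()                   # that UDP number was busy; pick another
            continue
        try:
            bind("udp", port).close()     # a second UDP listener on the same port
            second_udp = True
        except OSError:
            second_udp = False
        tcp.close()
        udp.close()
        return {"tcp_and_udp": True, "second_udp": second_udp}
    raise RuntimeError("no free TCP/UDP port pair found")

if __name__ == "__main__":
    print(find_conflicts(WITH_H3), find_conflicts(WITHOUT_H3), demo_shared_port())
```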